\documentclass[11pt]{article}
\usepackage{amsmath}
%\usepackage{fullpage}
%\usepackage{epic}
%\usepackage{eepic}
%\usepackage{psfig}

%\newcommand{\proof}[1]{
%{\noindent {\it Proof.} {#1} \rule{2mm}{2mm} \vskip \belowdisplayskip}
%}


%\newtheorem{lemma}{Lemma}[section]
%\newtheorem{theorem}[lemma]{Theorem}
%\newtheorem{claim}[lemma]{Claim}
%\newtheorem{definition}[lemma]{Definition}
%\newtheorem{corollary}[lemma]{Corollary}

%Theorems and likes
\newtheorem{assumption}{Assumption}[section]
\newtheorem{theorem}{Theorem}[section]
\newtheorem{fact}{Fact}[section]
\newtheorem{claim}{Claim}[section]
\newtheorem{lemma}{Lemma}[section]
\newtheorem{example}{Example}[section]
\newtheorem{definition}{Definition}[section]
\newtheorem{corollary}{Corollary}[section]
\newtheorem{exercise}{Exercise}[section]
\newtheorem{observation}{Observation}[section]


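% Proof environment helpers.
% \bproof: starts an unindented paragraph with an italic "Proof" label.
% (\textit replaces the obsolete two-letter font switch {\it ...}; it also
% applies the italic correction at the end of the word.)
\newcommand{\bproof}{\noindent\textit{Proof}}
%\newcommand{\eproof}{\hspace*{\fill}$\Box$~~~~~\bigskip}
% \eproof: end-of-proof marker, a filled 2mm square pushed to the right
% margin, followed by a vertical skip before the next paragraph.
\newcommand{\eproof}{\hspace*{\fill}\rule{2mm}{2mm}~~~~~\bigskip}
% \begin{proof} ... \end{proof}: "Proof: " in front, marker at the end.
\newenvironment{proof}{\bproof: }{\eproof}

% symbols and notation
% \defeq: an equals sign with an upright "def" above it, for definitions.
% (\mathrm replaces the obsolete {\rm ...} inside math mode.)
\newcommand{\defeq}{\stackrel{\mathrm{def}}{=}}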


\setlength{\oddsidemargin}{0in} \setlength{\topmargin}{0in}
\setlength{\textwidth}{6in} \setlength{\textheight}{8in}

\begin{document}

\setlength{\fboxrule}{.5mm}\setlength{\fboxsep}{1.2mm}
\newlength{\boxlength}\setlength{\boxlength}{\textwidth}
\addtolength{\boxlength}{-4mm}
\begin{center}\framebox{\parbox{\boxlength}{\bf
CS 681: Computational Number Theory and Algebra \hfill Lecture 9
\\\\
Polynomial factorization over Finite Fields
\\\\
Lecturer: Manindra Agrawal \hfill Scribe: Sudeepa Roy
%\\
\begin{flushright}
%date
August 19, 2005
\end{flushright}
}}\end{center} \vspace{5mm}

\section{Introduction }
In the last lecture we studied automorphisms of finite rings as a tool. In this lecture we will discuss how to use automorphisms to factorize a polynomial over a finite field.
\\Let $f(x)$ be a polynomial of degree $d$ over the field $F_q$.
\begin{definition}
$f$ is \textbf{square free} if $g^2$ does not divide $f$ for any non-constant polynomial $g$.
\end{definition}


\section{Factorization algorithms for different types of polynomials }
\subsection{Case I : $f$ is not square free}
In this case $g^2 \mid f$ for some non-constant $g$.
\\Let $f' = \frac{df}{dx}$.
\\Then $g \mid \gcd(f,f')$.
\\This produces a factor of $f$.

\subsection{Case II : $f$ is square free}
Let $f~ =~ f_1  f_2  \cdots  f_k$
\\where each $f_i$ is irreducible and let $\deg f_i~ =~ d_i$ with
\begin{center}
$d_1 \leq d_2 \leq \cdots \leq d_k$
\end{center}
Let 
%$\left[ abc \right]$s\\
$R = F_q[X] / (f(X))$
\\ $= \bigoplus_{i=1}^{k} F_q[X] / (f_i(X))$
\\$[$ by Chinese Remaindering: as all the $f_i$'s are distinct and irreducible, they are pairwise coprime $]$.
\\\\Let 

$\psi(y)~ =~ y^q$
\begin{observation}
$\psi$ is an automorphism of $F_q[X]/(f_i(X))$, and the least $j \geq 1$ with $\psi^j = \mathrm{id}$ on $F_q[X]/(f_i(X))$ is $j = d_i$.
\end{observation}

\subsubsection{Case II.1 : There is an $i$ such that $d_i > d_1$}
Then $\psi^{d_1}$ is trivial in $F_q[X] / (f_1(X))$ but not in $F_q[X] / (f_i(X))$.
\\In other words,

$\psi^{d_1}(x) - x = 0$ in $F_q[X] / (f_1(X))$ but not in $F_q[X] / (f_i(X))$
\\$\Rightarrow f_1(x) \mid \psi^{d_1}(x) - x$ but \textbf{\textit{not}} $f_i(x) \mid \psi^{d_1}(x) - x$.
\\\\{\large\textbf{Algorithm}}
%\normalsize
\\\\\textbf{for} $i = 1$ \textbf{to} $d-1$ \textbf{do}

compute $\gcd(\psi^i(x) - x,\ f(x))$
\\\\{\large\textbf{Time Complexity}}
\begin{observation}
$\gcd(\psi^i(x) - x,\ f(x)) = \gcd\bigl((\psi^i(x) - x) \bmod f(x),\ f(x)\bigr)$
\end{observation}
Hence in each step of the algorithm we compute $\gcd\bigl((x^{q^i} \bmod f(x)) - x,\ f(x)\bigr)$, so that the degrees of both arguments are bounded above by $\deg f(x) = d$.
\\\\To compute $x^{q^i}$ we use the repeated squaring method: we compute the sequence $x, x^2, x^4, \dots, x^{2^j}$ $[$ each modulo $f$ $]$ until $2^j > q^i$.
\\Here the number of squarings required is $\log q^i = i\log q \leq d\log q$, as $i \leq d$.
\\\\Using FFT, the complexity of polynomial multiplication equals the complexity of polynomial division, namely $O(d \log d)$ operations when the degree of each polynomial is bounded by $d$. So each step of the above sequence computation (a multiplication followed by reduction modulo $f$) needs $O(d \log d)$ operations.
As each element of the field $F_q$ is $\log q$ bits long, the complexity of multiplying two coefficients using FFT is $O(\log q \cdot \log\log q \cdot \log\log\log q)$, or, ignoring sublogarithmic factors, $\tilde{O}(\log q)$.

Hence the time complexity to compute $x^{q^i}$ is
\begin{align*}
  &\tilde{O}(d \log q \cdot d \log d \cdot \log q)\\
  &= \tilde{O}(d^2 (\log q)^2 \log d)\\
  &= \tilde{O}(d^2 \log^2 q) \quad [\text{ignoring the } \log d \text{ factor}].
\end{align*}

To compute $\gcd(\psi^i(x) - x,\ f(x))$ takes $\tilde{O}(d^3 \log^2 q)$ time $[$ as the gcd computation may iterate at most $d$ times $]$.
\\\\Hence, iterating the procedure $d-1$ times, the time complexity of the algorithm is $\tilde{O}(d^4 \log^2 q)$.
\\$[$ Using a more intelligent gcd algorithm the time complexity can be reduced by a factor of $d$ $]$.
\subsubsection{Case II.2 : $d_1 = d_2 = \cdots = d_k = \frac{d}{k}$}
In this case, $\gcd(\psi^i(x) - x,\ f(x)) = 1$ for $i < \frac{d}{k}$ and $\gcd(\psi^{d/k}(x) - x,\ f(x)) = f(x)$.
\\Hence we can obtain the number of factors of $f$: if we note the first point $i = t$ at which the value of the gcd changes from $1$, then $\frac{d}{t} = k$ is the number of factors of $f$.
\\\\The first step will be to reduce the problem to finding roots $[$ finding roots is equivalent to finding the linear factors of $f$, so it is no harder than the factorization problem $]$.
\\\\$R = \bigoplus_{i=1}^{k} F_q[X] / (f_i(X))$ $[$ by Chinese Remaindering, as all the $f_i$'s are distinct and irreducible $]$
\\Let $S = \left\{ e(X) \mid e(X) \in R \text{ and } \psi(e(X)) = e(X) \right\}$
\\Each $e(X)$ can be viewed as a $k$-tuple.
\begin{observation}
Each component of $e(X) \in S$, viewed as a $k$-tuple, lies in $F_q$.
\end{observation}
Hence,
\\ $|S|~=~q^k~ >~ q~ =~ |F_q|$ if $k~ >~ 1$.
\\$[$ We have $k$ coordinates with $q$ possible values each, and by the Chinese Remainder Theorem these give distinct elements of $R$ $]$
\\$\Rightarrow$ There is an $e(X) \in S \setminus F_q$.
\\\\$[$ To be continued in the next lecture $]$.
\end{document}

